Spain Among the Top 3 in Europe for Ransomware Attacks
Spain has climbed to the podium of the European countries most affected by ransomware attacks, according to the report Threat Landscape 2025 published by ENISA (European Union Agency for Cybersecurity). This is clear evidence that ransomware is not an isolated threat, but a real and persistent risk.
What is ransomware?
It is a type of attack that blocks and encrypts the data of a computer or network, preventing access until a financial ransom is paid to restore it.
Why Spain?
The report notes that the countries leading the ranking share a common factor: they are considered major economic players within the European Union, making them high-value targets for cybercriminals.
Over the past year, Spain has been impacted by various ransomware groups such as Qilin, Akira, and FOG, affecting both private companies of different sizes and public institutions.
Which sectors have been most affected?
The analysis identifies three sectors particularly hit by this type of attack: manufacturing, business services, and public administration.
Data related to the public sector is especially noteworthy. Approximately 15% of the total incidents recorded in Spain targeted public administrations. This figure represents a significant increase compared to the previous year.
A real case: Infortisa
In November 2024, the Spanish IT company Infortisa was the victim of a ransomware attack that encrypted its servers and systems, compromising sensitive customer information and halting operations during the peak Black Friday period.
Although the company gradually managed to restore its activity, the incident highlighted how a cyberattack can disrupt business continuity and generate significant economic and reputational impact.